J&J, IBM face class-action lawsuit over patient data breach
26 Sep 2023
Patent Infringement
Preview
Source: FiercePharma
A proposed class action against Johnson & Johnson and IBM is seeking damages related to a data breach at J&J’s patient assistance program.
As if the talc product liability lawsuits weren’t enough headache for Johnson & Johnson, the New Jersey pharma is now facing another lawsuit from patients, this time about a recent data breach.
A Florida resident alleged that the companies failed to properly protect personal identity and health information up to industry standards or as required by the Health Insurance Portability and Accountability Act, according to a complaint filed with the federal court in the Southern District of New York.
Besides a class-action designation and a jury trial, the lawsuit is seeking an award of damages, among several other demands for J&J and IBM to purge existing personal information and improve their data security.
IBM reported the data breach earlier this month. According to the tech giant, J&J became aware of a technical problem in the Janssen CarePath system and alerted IBM. An IBM investigation confirmed “unauthorized access to personal information in the database” on Aug. 2 but wasn’t able to ascertain the scope of the breach.
The J&J patient assistance platform holds such data as individuals’ names and their contact information, dates of birth, medications and associated conditions but not Social Security numbers and bank accounts, according to IBM.
IBM said the issue has been fixed, and patients are being offered one year of credit monitoring. But those measures are clearly not sufficient for the plaintiff. As the complaint pointed out, once personal data are stolen, “fraudulent use of that information and damage to victims may continue for years.”
Elaine Malinowski, the Floridian plaintiff, was notified of the breach via letter on Sept. 15. She is “made uncomfortable because her personal information and all of her health information is out there,” the complaint says.
Malinowski is now proposing a class of “thousands of” patients affected by the breach. For 2022 alone, the Janssen program assisted more than 1.16 million American patients with accessing medications, according to J&J’s website.
Data breach lawsuits have led to large payouts in the past. Last year, T-Mobile inked a $500 million settlement to resolve a class-action lawsuit related to a 2021 data breach that affected 76.6 million people in the U.S. Consumers recently started to receive cash payments as part of Equifax’s $425 million settlement over the credit reporting firm’s 2017 data breach.
In the healthcare world, Scripps Health in late 2022 agreed to pay nearly $3.6 million to nearly 1.2 million patients whose personal information was compromised during a 2021 data breach.
For more details,please visit the original website
The content of the article does not represent any opinions of Synapse and its affiliated companies. If there is any copyright infringement or error, please contact us, and we will deal with it within 24 hours.
Organizations
Indications
Targets
-Drugs
-Chat with Hiro
Hot reports
Get started for free today!
Accelerate Strategic R&D decision making with Synapse, PatSnap’s AI-powered Connected Innovation Intelligence Platform Built for Life Sciences Professionals.
Start your data trial now!
Synapse data is also accessible to external entities via APIs or data packages. Empower better decisions with the latest in pharmaceutical intelligence.